Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#
# Server configuration
#
[server]
# User to run this daemon as
#user=
#group=
# Filename to store pid of parent process
pid_file=/tmp/smradiusd.pid
# Uncommenting the below option will prevent awradiusd going into the background
#background=no
# Preforking configuration
#
# min_server - Minimum servers to keep around
# min_spare_servers - Minimum spare servers to keep around ready to
# handle requests
# max_spare_servers - Maximum spare servers to have around doing nothing
# max_servers - Maximum servers alltogether
# max_requests - Maximum number of requests each child will serve
#
# One may want to use the following as a rough guideline...
# Small : 2, 2, 4, 10, 1000
# Medium: 4, 4, 12, 25, 1000
# Large : 8, 8, 16, 64, 1000
#
#min_servers=4
#min_spare_servers=4
#max_spare_servers=12
#max_servers=25
#max_requests=1000
# Log level:
# 0 - Errors only
# 1 - Warnings and errors
# 2 - Notices, warnings, errors
# 3 - Info, notices, warnings, errors
# 4 - Debugging
#log_level=2
# File to log to instead of stdout
#log_file=/var/log/smradiusd.log
# Things to log in extreme detail
# modules - Log detailed module running information
#
# There is no default for this configuration option. Options can be
# separated by commas. ie. modules
#
#log_detail=
# IP to listen on, * for all
#host=*
# Timeout in communication with clients
#timeout=120
# cidr_allow/cidr_deny
# Comma, whitespace or semi-colon separated. Contains a CIDR block to
# compare the clients IP to. If cidr_allow or cidr_deny options are
# given, the incoming client must match a cidr_allow and not match a
# cidr_deny or the client connection will be closed.
#cidr_allow=0.0.0.0/0
#cidr_deny=
[database]
#DSN=DBI:SQLite:dbname=sitemanager.sqlite
DSN=DBI:mysql:database=smradius;host=localhost
Username=root
Password=root
# What do we do when we have a database connection problem
# tempfail - Return temporary failure
# pass - Return success
bypass_mode=tempfail
# How many seconds before we retry a DB connection
bypass_timeout=5
[dictionary]
load=<<EOT
dicts/dictionary
dicts/dictionary.microsoft
dicts/dictionary.mikrotik
EOT
[authentication]
mechanisms=<<EOT
mod_auth_pap
mod_auth_chap
mod_auth_mschap
EOT
users=<<EOT
mod_userdb_sql
EOT
[system]
plugins=<<EOT
mod_config_sql
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
EOT
[features]
plugins=<<EOT
mod_feature_capping
mod_feature_validity
EOT
[accounting]
plugins=<<EOT
mod_accounting_sql
EOT
[mod_accounting_sql]
accounting_start_query=<<EOT
INSERT INTO @TP@accounting
(
Username,
ServiceType,
FramedProtocol,
NASPort,
NASPortType,
CallingStationID,
CalledStationID,
NASPortID,
AcctSessionID,
FramedIPAddress,
AcctAuthentic,
EventTimestamp,
AcctStatusType,
NASIdentifier,
NASIPAddress,
AcctDelayTime
)
VALUES
(
%{request.User-Name},
%{request.Service-Type},
%{request.Framed-Protocol},
%{request.NAS-Port},
%{request.NAS-Port-Type},
%{request.Calling-Station-Id},
%{request.Called-Station-Id},
%{request.NAS-Port-Id},
%{request.Acct-Session-Id},
%{request.Framed-IP-Address},
%{request.Acct-Authentic},
%{request.Timestamp},
%{request.Acct-Status-Type},
%{request.NAS-Identifier},
%{request.NAS-IP-Address},
%{request.Acct-Delay-Time}
)
EOT
accounting_update_query=<<EOT
UPDATE @TP@accounting
SET
AcctSessionTime = %{request.Acct-Session-Time},
AcctInputOctets = %{request.Acct-Input-Octets},
AcctInputGigawords = %{request.Acct-Input-Gigawords},
AcctInputPackets = %{request.Acct-Input-Packets},
AcctOutputOctets = %{request.Acct-Output-Octets},
AcctOutputGigawords = %{request.Acct-Output-Gigawords},
AcctOutputPackets = %{request.Acct-Output-Packets},
AcctStatusType = %{request.Acct-Status-Type}
WHERE
UserName = %{request.User-Name}
AND AcctSessionID = %{request.Acct-Session-Id}
AND NASIPAddress = %{request.NAS-IP-Address}
EOT
accounting_stop_query=<<EOT
UPDATE @TP@accounting
SET
AcctSessionTime = %{request.Acct-Session-Time},
AcctInputOctets = %{request.Acct-Input-Octets},
AcctInputGigawords = %{request.Acct-Input-Gigawords},
AcctInputPackets = %{request.Acct-Input-Packets},
AcctOutputOctets = %{request.Acct-Output-Octets},
AcctOutputGigawords = %{request.Acct-Output-Gigawords},
AcctOutputPackets = %{request.Acct-Output-Packets},
AcctStatusType = %{request.Acct-Status-Type},
AcctTerminateCause = %{request.Acct-Terminate-Cause}
WHERE
UserName = %{request.User-Name}
AND AcctSessionID = %{request.Acct-Session-Id}
AND NASIPAddress = %{request.NAS-IP-Address}
EOT
accounting_usage_query=<<EOT
SELECT
SUM(AcctInputOctets) AS InputOctets,
SUM(AcctOutputOctets) AS OutputOctets,
SUM(AcctInputGigawords) AS InputGigawords,
SUM(AcctOutputGigawords) AS OutputGigawords,
SUM(AcctSessionTime) AS SessionTime
FROM
@TP@accounting
WHERE
Username = %{request.User-Name}
EOT
[mod_userdb_sql]
userdb_find_query=<<EOT
SELECT
ID
FROM
@TP@users
WHERE
UserName = %{request.User-Name}
EOT
userdb_get_group_attributes_query=<<EOT
SELECT
group_attributes.Name, group_attributes.Operator, group_attributes.Value
FROM
@TP@group_attributes, @TP@users_to_groups
WHERE
users_to_groups.UserID = %{userdb.id}
AND group_attributes.GroupID = users_to_groups.GroupID
EOT
userdb_get_user_attributes_query=<<EOT
SELECT
Name, Operator, Value
FROM
@TP@user_attributes
WHERE
UserID = %{userdb.id}
EOT